Gifts for the Security-Minded – Mobile Edition

Survey time! Do you know anyone who locks their Android or iPhone with a password? If you can count yourself, then score one. Hopefully, your score continues to rise as you consider the habits of your friends, family and co-workers. If your score reaches 10, give yourself a gold star.

Unfortunately, you most likely won’t. The fact is that 53% of smartphone users claim to be unaware that security software is available for their devices. More important for credit unions: a majority of mobile banking users do not have security measures in place.

This is an old, old story, and we really do know how it ends. Is there any reason why we should have to replay the Internet attacks all over again with mobile?

Here are six “gift ideas” to deliver a more secure experience on our smartphones:

Keep Up-to-Date

The easiest way for a smartphone user to block attackers is to keep his/her software up-to-date. According to data published by AV-test, there are already more than 900,000 malware types for Android. A major factor in exploit success is known vulnerabilities in the operating system and/or application software. Attackers use them to gain access to systems. Manufacturers publish software updates to plug security holes. Users should install them as quickly as possible.

Take Passwords Seriously

Passwords are another building block of smartphone security – and for good reason. Today’s smartphones provide access to social media profiles, credit union accounts, friends, family, co-workers, email correspondence, shopping history and much, much more. A reasonably strong PIN or password is a must.

Store Nothing on the Phone

The convenience of stored user IDs and passwords can become the attacker’s magic carpet to the user’s social and financial assets should the phone be lost or stolen. Attackers try very hard to install malware on the phone that stealsuser IDs andpasswords to social networks, share draft accounts, etc. By storing none of that information on the phone, users make it difficult for attackers to succeed. That’s a good thing!

Prepare for the Worst

Phones get attacked, but the prepared user can disable the phone so that bad things don’t become worse. Apps like Apple’s “Find My iPhone” store the user’s ID securely on Apple’s activation servers and link to each device. If the user ever misplaces his device, s/he can use the Find My iPhone app to lock the screen with a four-digit passcode and display a custom message to help the user get the device back. The user can also remotely erase the device if necessary.

Watch Your Apps

A lot of malware gets distributed through innocent apps controlled by cybercriminals. When a sufficient number of users have installed an app, the criminals will announce a few updates – each one hiding malware. Users can protect themselves by avoiding applications installed from unknown sources or unofficial markets offering free applications. Users should also check the privileges of each installed app. There’s no reason why an app should have permission to self-install additional apps without the user’s consent.

Install Virus Protection

Consider installing a good antivirus program on your mobile device. Many of the major names in PC security have moved applied their expertise to mobile. Norton, Symantec, Kaspersky, Avast and others can detect and remove mobile threats. Additional modules will checks your apps and app updates for threats. The point is – it’s a wild world out there. Virus protection programs can help tame it. One note of caution: Anti-virus programs can drain your battery life, so be aware and don’t be afraid to test.

Happy New Year!

The suggestions above represent a short list of security ideas for the year ahead. More important than any single idea or New Year’s resolution is the vision of security as a focus and discipline. Suggestions for improvement should be encouraged throughout the year! With that thought in mind, let me wish you and your members a very happy holiday and a secure New Year!